77 matches found
Information disclosure
An information disclosure vulnerability in the kernel ION subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android...
Security vulnerabilities fixed in Firefox 54 — Mozilla
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. A use-after-free vulnerability when using an incorrect URL during the...
CVE-2017-0624
An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android...
CVE-2017-0586
An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...
UBUNTU-CVE-2017-0557
An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0,...
CVE-2016-8483
An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android...
UBUNTU-CVE-2017-0534
An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18...
UBUNTU-CVE-2016-6720
An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is...
UBUNTU-CVE-2016-6153
osunix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impact by leveraging use of the current working directory for...
Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Enterprise Manager Base Platform Agent Next Gen Component (CNVD-2016-00703)
Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. An unspecified vulnerability in the Enterprise Manager Base Platform Agent Next Gen component of Oracle Enterprise Manager Grid Control allows local attackers to exploit the vulnerability to access data...
Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Enterprise Manager Base Platform Agent Next Gen Component (CNVD-2016-00702)
Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. An unspecified vulnerability in the Enterprise Manager Base Platform Agent Next Gen component of Oracle Enterprise Manager Grid Control allows local attackers to exploit the vulnerability to access data...
CVE-2015-4958
IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 does not properly restrict browser caching, which allows local users to obtain sensitive information by reading cache files...
Vulnerabilities of the Gentoo Linux operating system, which allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the bash package up to version 4.2p37 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited locally...
firefox, xulrunner security update
CentOS Errata and Security Advisory CESA-2009:1095 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open sour...
Sun JMX RMI-IIOP本地非授权访问漏洞
Java Dynamic Management Kit (Java DMK)提供一组Java 类和工具,便于根据Java管理扩展(JMX)规范和SNMP标准开发安全的监控和管理解决方案。 如果拥有对某些本地数据访问权限的远程用户连接到了本地用户所创建的JMX RMI-IIOP服务器应用程序的话,JMX RMI-IIOP API中的安全漏洞就可能允许能够创建该应用程序的本地用户获取对这些数据的非授权访问。 这个漏洞仅影响包含有通过JMX RMI-IIOP API部署的应用程序的系统。满足了所有以下条件时JMX代理会出现这个漏洞: 1...
PT-2005-5529 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM DB2 version 8.1 Description: The issue allows local users to gain unauthorized access and sensitive information, such as cleartext passwords, due to default permissions of read and write for the Everyone group in shared memory sections an...
Microsoft Windows XMLHTTP component allows remote access to local data sources
Overview The Microsoft XMLHTTP ActiveX control allows unauthorized reading of any known file on a system. A victim must be enticed to visit a malicious site in order to be attacked. Description Description from MS02-008:Microsoft XML Core Services MSXML includes the XMLHTTP ActiveX control, which...